Received: by 2002:a6b:fb09:0:0:0:0:0 with SMTP id h9csp2011133iog; Sun, 26 Jun 2022 04:33:02 -0700 (PDT) X-Google-Smtp-Source: AGRyM1svtav+zf3dS2zW6DP90fSla4c2gHpEGQ419zlHUVOqAVQQg7389MCRvHLXzvOzFB4FrSnW X-Received: by 2002:a17:907:3dac:b0:722:e6ab:8d9 with SMTP id he44-20020a1709073dac00b00722e6ab08d9mr8238707ejc.20.1656243182468; Sun, 26 Jun 2022 04:33:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1656243182; cv=none; d=google.com; s=arc-20160816; b=iuZL8MQBVh6dRDjBPFrmtHtTZPK8kWWeMt/Wj1mNh5xq4ARUbWvFIm6tFUGjetJX27 eONrSXFIKO96VBi1EqkYX9IVhdG2PQgXSwLZREOcV3Ju7PLt6lgtDMLbI2gjPOzNvpyD 1rr8qqbqOi5x1sU83JVjmT5LXHEUEYBHUQ09Xxo/HQX8u9YtGudZ9LkMpywwOE2+J1Zz yr2m+f3ubLjr9d498QQ/WneKHg2PErgtN9wXKDCtg3JNUgiBMf/1dLNJwPradKeFbCz/ sZLd1EIqTD4IWBkTDGc33dTkOuWNmK8rr8jvNrOFrTQINSmzjCPx8Du1GYJnJmdfLdlX iiqQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=ztpCLeJiN8x8NtOpZ42f8MSD1Gm0OAEWaX3b+SAs9kA=; b=C+1L07V9gJFrJMuSR8HgDFx0DffPWvf+TRNTxsC8fQwTzWEYMwOxdVKtpehKry0wfR hos7x5S0NuizkPr8ro+GYKIgeymbxQk8kjhncdMzytCeUZglKdkWyCwCuqNLKuxRfDko mECzEthHdo8OHGYEOR6AdJuXkoaR913ZZQqG7lR30is/Ui7qMWtAyjU6P4C7aqrIDCvS 7ofTFEWCu7f3SulmqWSsnMzoGPRlV3FaMpfbP81vyA4rvpajggCzoVqWxdv+Lx3aWL9s C9xX7bOeRugfVjR7s4c70GNexuzUvz3zhdLsX0PV+L8zJP0QHwm/qEcih6Iz2ivU15m2 14qg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b="fny0/IT4"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y16-20020a056402271000b0043770f4e810si5336472edd.217.2022.06.26.04.32.37; Sun, 26 Jun 2022 04:33:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b="fny0/IT4"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233643AbiFZLPb (ORCPT + 99 others); Sun, 26 Jun 2022 07:15:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52866 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229631AbiFZLPa (ORCPT ); Sun, 26 Jun 2022 07:15:30 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 57C77BE2E for ; Sun, 26 Jun 2022 04:15:29 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id F025E611F9 for ; Sun, 26 Jun 2022 11:15:28 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id D25DAC34114; Sun, 26 Jun 2022 11:15:27 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="fny0/IT4" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1656242125; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ztpCLeJiN8x8NtOpZ42f8MSD1Gm0OAEWaX3b+SAs9kA=; b=fny0/IT4ZwXmr6J7YriIEf3MCfCq11FKNasaW4DcI58lhhHAUNvJtLW59OCCqNICTRq13s lSUgR6eU7MNTm0Laq+DYAcVxlKaMZ9eWR7VenLKXpbvGhx3/T0D7B32EsYc2wzJGdWOkYm fRsH+lUBjLdV9RMyIcusngxCiXZ7++U= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id c89af2ac (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO); Sun, 26 Jun 2022 11:15:25 +0000 (UTC) From: "Jason A. Donenfeld" To: geert@linux-m68k.org, laurent@vivier.eu, linux-m68k@lists.linux-m68k.org, linux-kernel@vger.kernel.org Cc: "Jason A. Donenfeld" Subject: [PATCH v2] m68k: virt: use RNG seed from bootinfo block Date: Sun, 26 Jun 2022 13:15:09 +0200 Message-Id: <20220626111509.330159-1-Jason@zx2c4.com> In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Other virt VMs can pass RNG seeds via the "rng-seed" device tree property or via UEFI, but m68k doesn't have either. Instead it has its own bootinfo protocol. So this commit adds support for receiving a RNG seed from it, which will be used at the earliest possible time in boot, just like device tree. Reviewed-by: Laurent Vivier Signed-off-by: Jason A. Donenfeld --- arch/m68k/include/uapi/asm/bootinfo-virt.h | 7 +++++++ arch/m68k/virt/config.c | 9 +++++++++ 2 files changed, 16 insertions(+) diff --git a/arch/m68k/include/uapi/asm/bootinfo-virt.h b/arch/m68k/include/uapi/asm/bootinfo-virt.h index e4db7e2213ab..0cb2c2a41610 100644 --- a/arch/m68k/include/uapi/asm/bootinfo-virt.h +++ b/arch/m68k/include/uapi/asm/bootinfo-virt.h @@ -13,6 +13,13 @@ #define BI_VIRT_VIRTIO_BASE 0x8004 #define BI_VIRT_CTRL_BASE 0x8005 +/* A random seed used to initialize the RNG. Record format: + * + * - length [ 2 bytes, 16-bit big endian ] + * - seed data [ `length` bytes ] + */ +#define BI_VIRT_RNG_SEED 0x8006 + #define VIRT_BOOTI_VERSION MK_BI_VERSION(2, 0) #endif /* _UAPI_ASM_M68K_BOOTINFO_MAC_H */ diff --git a/arch/m68k/virt/config.c b/arch/m68k/virt/config.c index 632ba200ad42..645acc6918b2 100644 --- a/arch/m68k/virt/config.c +++ b/arch/m68k/virt/config.c @@ -2,6 +2,7 @@ #include #include +#include #include #include @@ -92,6 +93,14 @@ int __init virt_parse_bootinfo(const struct bi_record *record) data += 4; virt_bi_data.virtio.irq = be32_to_cpup(data); break; + case BI_VIRT_RNG_SEED: { + u16 len = be16_to_cpup(data); + add_bootloader_randomness(data + 2, len); + /* Zero the data to preserve forward secrecy, and zero the + * length to prevent kexec from using it. */ + memzero_explicit((void *)data, len + 2); + break; + } default: unknown = 1; break; -- 2.35.1